Open HenrikJannsen opened 2 days ago
I think that more than the value of the rate limiting itself, if a temp ban will be automatically issued, an important feature will be to warn the user once he reaches 80% of that limit, or in any case just in time before he is banned. I don't see a legit reason why someone should write that much, but you never know, and it could result in very bad UX for someone getting banned while he was doing something not malicious.
To avoid spam (as we got recently) we can add a rate limiting to messages and a ban policy if the limit is exceeded.
The detection of a misbehaving user is done at the domain layer (chat) and we can use the ban list (part of network but not used so far) to ban the user. Though that is not enough as we want to filter the messages where that user was the author. This could be done by a new feature using generic interface which gets implemented by the higher level domain.
The ban could be temporary and only in repeated detection becomes a permanent ban.
Suggested rate limit values:
Ban policy:
We could add a UI for managing banned users (remove banned users from the ban list).
Note, that this is all a local feature. The moderator can ban users network wide and that is an independent feature. Also users can ban manually other users locally in the chat UI.